This policy configures which URLs will be granted access to use remote attestation of device identity during the SAML flow on the sign-in screen.
Specifically, if a URL matches one of the patterns provided through this policy, it will be allowed to receive a HTTP header containing a response to a remote attestation challenge, attesting device identity and device state.
If this policy is not set or is set to an empty list, no URL is allowed to use remote attestation on the sign-in screen.
URLs must have HTTPS scheme, e.g. "https://example.com".
For detailed information on valid url patterns, please see https://cloud.google.com/docs/chrome-enterprise/policies/url-patterns.
Example value:
https://www.example.com/
https://[*.]example.edu/
Registry Hive | HKEY_LOCAL_MACHINE |
Registry Path | Software\Policies\Google\ChromeOS\DeviceWebBasedAttestationAllowedUrls |
Value Name | {number} |
Value Type | REG_SZ |
Default Value |